Provisioning persistent, dynamic and secure cloud services

ABSTRACT

Systems and methods may provide for confirming, by a loader module having administrative rights with respect to a computing device, the operability of an activator module on the computing device. Additionally, the activator module may be used to manage an installation status of one or more service agents or software components on the computing device and making them persistent. In one example, confirming the operability of the activator module includes conducting a presence verification and/or authentication of the activator module, wherein a replacement activator module may be downloaded to the computing device if the presence verification and/or authentication is unsuccessful.

TECHNICAL FIELD

Embodiments generally relate to provisioning cloud based services oncomputing devices. More particularly, embodiments relate to theprovisioning of persistent, dynamic and secure cloud services oncomputing devices.

BACKGROUND

K-12 (kindergarten through twelfth grade) education systems indeveloping countries may be experiencing advancements and technologicalchanges in which students are provided access to ruggedized clientdevices such as, for example, laptop computers, tablet computers andconvertible tablets for educational purposes. In addition, cloud basedservices such as, for example, platform management, mobile devicemanagement (MDM), single sign-on (SSO), web filtering and theftprotection services may be provisioned on the client devices in order toenhance security, prevent unauthorized usage, and so forth.

In a typical educational scenario in a developing country, the Ministryof Education (MoE) and/or certain school districts might acquire largequantities of the devices, which may not be widely available on the openmarket, and distribute them to the students while maintaining ownershipof the devices. Moreover, the MoE may select the services to beprovisioned on the devices based on the particular needs of theeducational community. For example, the MoE may activate (e.g., turn on)MDM services on all machines belonging to a certain middle school andactivate theft protection services on the devices distributed to gradeten of a certain high school. Similarly, the MoE may be able todeactivate (e.g., turn off) certain services on a group of devices.

Although the end users of the devices typically do not own the devices,they may have administrative rights. In this regard, end users maydeactivate, delete, prevent installation or otherwise disable operationof cloud based services on the devices without authorization of the MoE.For example, an end user may spoof the media access control (MAC) of aclient device so that during downloading, installation or usage of aservice, an authentication error may occur and render the serviceunusable.

BRIEF DESCRIPTION OF THE DRAWINGS

The various advantages of the embodiments will become apparent to oneskilled in the art by reading the following specification and appendedclaims, and by referencing the following drawings, in which:

FIG. 1 is a block diagram of an example of a provisioning approach forcloud based services according to an embodiment;

FIG. 2 is a block diagram of an example of a provisioner according to anembodiment;

FIG. 3 is a flowchart of an example of a method of provisioning one ormore services on a computing device according to an embodiment;

FIG. 4 is a flowchart of an example of a method of confirming theoperability of an activator module according to an embodiment;

FIG. 5 is a flowchart of an example of a method of using an activatormodule to install one or more service agents on a computing deviceaccording to an embodiment;

FIG. 6 is a flowchart of an example of a method of securing a MACaddress according to an embodiment;

FIG. 7 is a flowchart of an example of a method of keeping an activatormodule alive according to an embodiment;

FIG. 8 is a block diagram of an example of a logic architectureaccording to an embodiment;

FIG. 9 is a block diagram of an example of a processor according to anembodiment; and

FIG. 10 is a block diagram of an example of a system according to anembodiment.

DESCRIPTION OF EMBODIMENTS

Turning now to FIG. 1, an approach to provisioning cloud based serviceson a plurality of computing devices 20 (20 a-20 c) is shown in which anadministrative console 22 (22 a-22 c, e.g., running on a backend server,not shown) is used to dynamically select the services in real-time. Inthe illustrated example, administrative personnel 24 (e.g., Ministry ofEducation/MoE, school district, corporation and/or other organizationalrepresentatives) enter authentication information into a login page 22 aof the console, wherein a dashboard 22 b enables the administrativepersonnel 24 to browse through a variety of services such as, forexample, platform management, mobile device management (MDM), singlesign-on (SSO), web filtering and/or theft protection services forprovisioning on the computing devices 20. The console 22 may alsoinclude a cloud interface 22 c to facilitate the transfer (e.g., viarepresentational state transfer/REST application programminginterface/API) of service information, status updates, and so forth,between the console 22 and the computing devices 20, which may includeclient devices such as desktop computers, laptop computers, tabletcomputers, convertible tablets, mobile Internet devices (MIDs), personaldigital assistants (PDAs), smart phones, wearable computers, mediaplayers, etc., or any combination thereof.

Each computing device 20 may generally include a provisioner 26 that isconfigured to identify selected services via communications with thecloud interface 22 c of the administrative console 22 as well asdynamically manage the download of one or more service agents 28corresponding to the selected services on demand. The selected servicesmay be specified by uniform resource identifier (URI) or other suitablenetwork based identification technique/protocol. In the illustratedexample, the provisioner 26 communicates with one or more third partyservice APIs 30 (e.g., running on one or more third party remoteservers, not shown) in order to manage the download of the serviceagents 28 to the computing devices 20. As will be discussed in greaterdetail, communications between the provisioner 26 and the cloudinterface 22 c may be conducted via a secure sockets layer (SSL) orother secure connection. Additionally, communications between theprovisioner 26 and the service APIs 30 may be conducted by an SSL orother secure connection.

FIG. 2 shows an example in which the provisioner 26 of the computingdevice 20 a includes an activator module 32 and a loader module 34having administrative rights with respect to the computing device 20 a.The loader module 34 may be a persistent agent that cannot be removedfrom the device 20 a, and the administrative rights may include thehighest level of privileges such as, for example, protection ring zeroprivileges afforded to system applications. In addition, the loadermodule 34 may be shipped as part of the factory image of the computingdevice 20 a. Incorporating the loader module 34 into the factory imageof the computing device 20 a may enable the loader module 34 be invokedduring early stage boot processes and substantially enhance security.The factory image may also include the activator module 32.

The loader module 34 may generally confirm the operability of theactivator module 32, and use the activator module 32 to install theservice agents 28 on the computing device 20 a. More particularly, theactivator module 32 may receive notifications from the administrativeconsole 22 over a network 36, wherein the notifications may identify theselection of the service agents 28 for download. The activator module 32may identify itself to the administrative console 22 via device MACaddress, serial number, etc. The illustrated activator module 32 alsocommunicates with the service APIs 30 over the network 36 (or othersuitable network) in order to download the service agents 28 to thecomputing device 20 a.

Thus, the activator module 32 may listen to system administrator consolecommands from a backend server, wherein the commands might be “activatemachine X for service Y”, “deactivate machine X for service Y”, etc.Once the activator module 32 has been notified that the computing device20 a has been selected to activate a particular service, the activatormodule 32 may download appropriate service-specific components such asthe service agents 28 from a known location such as the service APIs 30.Similarly, the activator module 32 may deactivate service agents on thecomputing device 20 a based on notifications from the administrativeconsole 22. As will be discussed in greater detail, the loader module 34may also keep the activator module 32 alive on the computing device 20a.

The activator module 32 may therefore be responsible for downloading theservice agents 28 and initiating service activation processes on theremote servers running the service APIs 30. To prevent users fromuninstalling the service agents 28, the activator module 32 mayperiodically check the state of the service agents. If a service agent28 is missing or not running, the activator module 32 may re-install andre-start the impacted service agent 28.

The activator module 32 may implement various security measures toconfirm the integrity of the service agents 28 and further enhancesecurity. For example, the activator module 32 may create a hash of theservice agents 28 and match the computed hash with corresponding hashinformation received from the backend server running the administrativeconsole 22. Moreover, the activator module 32 may compare the size ofthe bytes of each service agent 28 with the corresponding sizeinformation received from the backend server. Additionally, alltransactions between the activator module and the backend and/or thirdparty remote servers may be conducted over SSL, as already noted. Theactivator module 32 may also use server SSL certificate pinning toensure that the activator module 32 only communicates with trustedservers.

Turning now to FIG. 3, a method 38 of provisioning one or more serviceson a computing device is shown. The method 38 may be implemented as aset of logic instructions stored in a machine- or computer-readablestorage medium such as random access memory (RAM), read only memory(ROM), programmable ROM (PROM), firmware, flash memory, etc., inconfigurable logic such as, for example, programmable logic arrays(PLAs), field programmable gate arrays (FPGAs), complex programmablelogic devices (CPLDs), in fixed-functionality hardware logic usingcircuit technology such as, for example, application specific integratedcircuit (ASIC), complementary metal oxide semiconductor (CMOS) ortransistor-transistor logic (TTL) technology, or any combinationthereof. For example, computer program code to carry out operationsshown in method 38 may be written in any combination of one or moreprogramming languages, including an object oriented programming languagesuch as Java, Smalltalk, C++ or the like and conventional proceduralprogramming languages, such as the “C” programming language or similarprogramming languages.

Illustrated processing block 40 provides for invoking a loader modulehaving administrative rights with respect to the computing device. Block42 may confirm, by the loader module, an operability of an activatormodule on the computing device. As will be discussed in greater detail,block 42 may take into consideration the presence and/or authenticationcredentials of the activator module. The activator module may be used atblock 44 to install one or more service agents on the computing device.The method 38 may function without end user intervention. Indeed, themethod 38 may operate without end user awareness (e.g., in thebackground) of the proper service agents being maintained on thecomputing device despite end user attempts to disable those agents. Inthis regard, the illustrated approach may enable stealth monitoring andreporting of unauthorized usage of computing devices by end users.

FIG. 4 shows a method 46 of confirming the operability of an activatormodule. Accordingly, the method 46, may incorporate one or more aspectsof the block 42 (FIG. 3), and may be implemented as a set of logicinstructions stored in a machine- or computer-readable storage mediumsuch as RAM, ROM, PROM, firmware, flash memory, etc., in configurablelogic such as, for example, PLAs, FPGAs, CPLDs, in fixed-functionalityhardware logic using circuit technology such as, for example, ASIC, CMOSor TTL technology, or any combination thereof. Illustrated block 48provides for conducting a presence verification of the activator moduleon the computing device. The presence verification may thereforedetermine whether the activator module has been, for example, deleted bya user of the computing device. If it is determined at block 50 that thepresence verification has been unsuccessful, the activator module may bedownloaded and installed by the loader module at block 52.

If, on the other hand, the presence verification is successful,illustrated block 54 conducts an authentication of the activator module.The authentication at block 54 may involve the exchange of digitalsignature information in order to establish a mutual trust between theloader module and the activator module. If it is determined at block 56that the authentication has been unsuccessful, a replacement activatormodule may be downloaded and installed by the loader module at block 52.Illustrated block 58 provides for execution of the activator module,wherein the activator module may ensure that the appropriate serviceagents are installed on the computing device. For example, the activatormodule may also conduct a presence verification of the selected serviceagents, and download and/or reinstall any service agents whose presencecannot be verified. The activator module, and the service agents managedby the activator module, may therefore be considered persistent on thecomputing device in that any tampering or removal of the activatormodule or service agents may be detected and effectively reversed inreal-time.

Turning now to FIG. 5, a method 60 of using an activator module toinstall one or more service agents on a computing device is shown.Accordingly, the method 60, may incorporate one or more aspects of theblock 44 (FIG. 3), and may be implemented as a set of logic instructionsstored in a machine- or computer-readable storage medium such as RAM,ROM, PROM, firmware, flash memory, etc., in configurable logic such as,for example, PLAs, FPGAs, CPLDs, in fixed-functionality hardware logicusing circuit technology such as, for example, ASIC, CMOS or TTLtechnology, or any combination thereof. Illustrated processing block 62provides for receiving, by the activator module, a notification of aselection of one or more service agents for download, wherein thenotification may be received from a backend server.

A MAC address may be obtained by the activator module from the loadermodule at block 64. The MAC address obtained from the loader module maybe used, by the activator module, at block 66 in one or moreauthentication communications with one or more remote servers. Thus, theillustrated approach protects against MAC address spoofing by computingdevice users attempting to cause an authentication error and render oneor more services inoperable. Block 68 may download and install, by theactivator module, the one or more service agents. Block 68 may involve,for example, conducting a presence verification of the selected serviceagents, and downloading and/or reinstalling any service agents whosepresence cannot be verified. In addition, illustrated block 69 mayoptionally provide for uninstalling one or more service agents that arenot selected for download to the computing device.

FIG. 6 shows a method 70 of securing a MAC address. The method 70 may beimplemented as a set of logic instructions stored in a machine- orcomputer-readable storage medium such as RAM, ROM, PROM, firmware, flashmemory, etc., in configurable logic such as, for example, PLAs, FPGAs,CPLDs, in fixed-functionality hardware logic using circuit technologysuch as, for example, ASIC, CMOS or TTL technology, or any combinationthereof. Illustrated block 72 may provide for reading, by the loadermodule, the MAC address from a first location (e.g., device firmware/FW)on the computing device that is accessible by an application layer ofthe computing device. Block 74 may store, by the loader module, the MACaddress to a second location on the computing device that isinaccessible by the application layer of the computing device. Thus,when the MAC address is supplied to the activator module in a processingblock such as, for example, block 64 (FIG. 5), the activator module maybe assured that the MAC address is trustworthy.

Turning now to FIG. 7, a method 76 of keeping an activator module aliveis shown. The method 76 may be implemented as a set of logicinstructions stored in a machine- or computer-readable storage mediumsuch as RAM, ROM, PROM, firmware, flash memory, etc., in configurablelogic such as, for example, PLAs, FPGAs, CPLDs, in fixed-functionalityhardware logic using circuit technology such as, for example, ASIC, CMOSor TTL technology, or any combination thereof. Illustrated processingblock 78 determines whether a predetermined heartbeat period hasexpired. The predetermined heartbeat period may be an amount of timethat is set based on a number of factors (e.g., security, powerconsumption, etc.), wherein one more tradeoffs may be made between thosefactors (e.g., shorter period may improve security while increasingpower consumption, and so forth). If the heartbeat period has expired,block 80 may issue, by the loader module, a heartbeat message to theactivator module. If no response to the heartbeat message is receivedfrom the activator module, the loader module might repeat an operabilityconfirmation such as, for example, the operability confirmation ofmethod 46 (FIG. 4), already discussed. Illustrated block 82 determineswhether to reinstall the activator module and resume issuance of theheartbeat messages to the newly installed activator module.

FIG. 8 shows a logic architecture 84 (84 a-84 c) that may be used toprovision persistent, dynamic and secure elements on a computing device.The logic architecture 84 may therefore be readily substituted for theprovisioner 26 (FIG. 1), already discussed. In the illustrated example,a boot module 84 a (e.g., basic input output system/BIOS) invokes aloader module 84 b from, for example, a factory image of the computingdevice, wherein the loader module 84 b has administrative rights withrespect to the computing device. The loader module 84 b may include anoperability component 86 that confirms the operability of an activatormodule 84 c and a management component 88 that uses the activator module84 c to dynamically manage an installation status of one or more serviceagents on the computing device on demand.

For example, the operability component 86 may conduct a presenceverification of the activator module 84 c on the computing device,download the activator module 84 c if the presence verification isunsuccessful, and install the activator module 84 c on the computingdevice to confirm the operability of the activator module. Theoperability component 86 may also conduct an authentication of theactivator module 84 c, download a replacement activator module 84 c tothe computing device if the authentication is unsuccessful, and installthe activator module on the computing device to confirm the operabilityof the activator module 84 c.

The illustrated activator module 84 c includes a synchronizationcomponent 89 to query a backend server for service agent selections. Theactivator module 84 c may also include a notification component 90 toreceive a notification of a selection of the one or more service agentsfor download from the backend server, and a download component 92 todownload the one or more service agents to the computing device. Asalready noted, communications between the activator module 84 c, thebackend server and the third party servers providing the service agentsmay be enhanced with SSL, hashes, agent size comparisons, certificatepinning, and so forth. The illustrated activator module 84 c alsoincludes an installation component 94 to install the one or more serviceagents on the computing device. The installation component 94 may alsoconduct a presence verification of the selected agents, and downloadand/or reinstall any service agents whose presence cannot be verified.In addition, the installation component 94 may uninstall one or moreservice agents that are not selected for download to the computingdevice. In one example, the loader module 84 b includes a heartbeatcomponent 96 to issue a heartbeat message to the activator module 84 c.

The loader module 84 b may also include a MAC component 98 to read a MACaddress from a first location on the computing device and store the MACaddress to a second location on the computing device, wherein the firstlocation is accessible by an application layer of the computing deviceand the second location is inaccessible by the application layer of thedevice. The second location may be considered a secured location due toits inaccessibility by the application layer. In this regard, thedownload component 92 of the activator module 84 c may be configured toobtain the MAC address associated with the computing device from theloader module 84 b, and use the MAC address obtained from the loadermodule 84 b in one or more authentication communications with one ormore remote servers. The loader component 84 a and the activatorcomponent 84 c may also automatically upgrade themselves when notifiedby the backend server.

FIG. 9 illustrates a processor core 200 according to one embodiment. Theprocessor core 200 may be the core for any type of processor, such as amicro-processor, an embedded processor, a digital signal processor(DSP), a network processor, or other device to execute code. Althoughonly one processor core 200 is illustrated in FIG. 9, a processingelement may alternatively include more than one of the processor core200 illustrated in FIG. 9. The processor core 200 may be asingle-threaded core or, for at least one embodiment, the processor core200 may be multithreaded in that it may include more than one hardwarethread context (or “logical processor”) per core.

FIG. 9 also illustrates a memory 270 coupled to the processor core 200.The memory 270 may be any of a wide variety of memories (includingvarious layers of memory hierarchy) as are known or otherwise availableto those of skill in the art. The memory 270 may include one or morecode 213 instruction(s) to be executed by the processor core 200,wherein the code 213 may implement the method 38 (FIG. 3), the method 46(FIG. 4), the method 60 (FIG. 5), the method 70 (FIG. 6), and/or themethod 76 (FIG. 7), already discussed. The processor core 200 follows aprogram sequence of instructions indicated by the code 213. Eachinstruction may enter a front end portion 210 and be processed by one ormore decoders 220. The decoder 220 may generate as its output a microoperation such as a fixed width micro operation in a predefined format,or may generate other instructions, microinstructions, or controlsignals which reflect the original code instruction. The illustratedfront end 210 also includes register renaming logic 225 and schedulinglogic 230, which generally allocate resources and queue the operationcorresponding to the convert instruction for execution.

The processor core 200 is shown including execution logic 250 having aset of execution units 255-1 through 255-N. Some embodiments may includea number of execution units dedicated to specific functions or sets offunctions. Other embodiments may include only one execution unit or oneexecution unit that can perform a particular function. The illustratedexecution logic 250 performs the operations specified by codeinstructions.

After completion of execution of the operations specified by the codeinstructions, back end logic 260 retires the instructions of the code213. In one embodiment, the processor core 200 allows out of orderexecution but requires in order retirement of instructions. Retirementlogic 265 may take a variety of forms as known to those of skill in theart (e.g., re-order buffers or the like). In this manner, the processorcore 200 is transformed during execution of the code 213, at least interms of the output generated by the decoder, the hardware registers andtables utilized by the register renaming logic 225, and any registers(not shown) modified by the execution logic 250.

Although not illustrated in FIG. 9, a processing element may includeother elements on chip with the processor core 200. For example, aprocessing element may include memory control logic along with theprocessor core 200. The processing element may include I/O control logicand/or may include I/O control logic integrated with memory controllogic. The processing element may also include one or more caches.

Referring now to FIG. 10, shown is a block diagram of a system 1000embodiment in accordance with an embodiment. Shown in FIG. 10 is amultiprocessor system 1000 that includes a first processing element 1070and a second processing element 1080. While two processing elements 1070and 1080 are shown, it is to be understood that an embodiment of thesystem 1000 may also include only one such processing element.

The system 1000 is illustrated as a point-to-point interconnect system,wherein the first processing element 1070 and the second processingelement 1080 are coupled via a point-to-point interconnect 1050. Itshould be understood that any or all of the interconnects illustrated inFIG. 10 may be implemented as a multi-drop bus rather thanpoint-to-point interconnect.

As shown in FIG. 10, each of processing elements 1070 and 1080 may bemulticore processors, including first and second processor cores (i.e.,processor cores 1074 a and 1074 b and processor cores 1084 a and 1084b). Such cores 1074 a, 1074 b, 1084 a, 1084 b may be configured toexecute instruction code in a manner similar to that discussed above inconnection with FIG. 9.

Each processing element 1070, 1080 may include at least one shared cache1896 a, 1896 b. The shared cache 1896 a, 1896 b may store data (e.g.,instructions) that are utilized by one or more components of theprocessor, such as the cores 1074 a, 1074 b and 1084 a, 1084 b,respectively. For example, the shared cache 1896 a, 1896 b may locallycache data stored in a memory 1032, 1034 for faster access by componentsof the processor. In one or more embodiments, the shared cache 1896 a,1896 b may include one or more mid-level caches, such as level 2 (L2),level 3 (L3), level 4 (L4), or other levels of cache, a last level cache(LLC), and/or combinations thereof.

While shown with only two processing elements 1070, 1080, it is to beunderstood that the scope of the embodiments are not so limited. Inother embodiments, one or more additional processing elements may bepresent in a given processor. Alternatively, one or more of processingelements 1070, 1080 may be an element other than a processor, such as anaccelerator or a field programmable gate array. For example, additionalprocessing element(s) may include additional processors(s) that are thesame as a first processor 1070, additional processor(s) that areheterogeneous or asymmetric to processor a first processor 1070,accelerators (such as, e.g., graphics accelerators or digital signalprocessing (DSP) units), field programmable gate arrays, or any otherprocessing element. There can be a variety of differences between theprocessing elements 1070, 1080 in terms of a spectrum of metrics ofmerit including architectural, micro architectural, thermal, powerconsumption characteristics, and the like. These differences mayeffectively manifest themselves as asymmetry and heterogeneity amongstthe processing elements 1070, 1080. For at least one embodiment, thevarious processing elements 1070, 1080 may reside in the same diepackage.

The first processing element 1070 may further include memory controllerlogic (MC) 1072 and point-to-point (P-P) interfaces 1076 and 1078.Similarly, the second processing element 1080 may include a MC 1082 andP-P interfaces 1086 and 1088. As shown in FIG. 10, MC's 1072 and 1082couple the processors to respective memories, namely a memory 1032 and amemory 1034, which may be portions of main memory locally attached tothe respective processors. While the MC 1072 and 1082 is illustrated asintegrated into the processing elements 1070, 1080, for alternativeembodiments the MC logic may be discrete logic outside the processingelements 1070, 1080 rather than integrated therein.

The first processing element 1070 and the second processing element 1080may be coupled to an I/O subsystem 1090 via P-P interconnects 1076 1086,respectively. As shown in FIG. 10, the I/O subsystem 1090 includes P-Pinterfaces 1094 and 1098. Furthermore, I/O subsystem 1090 includes aninterface 1092 to couple I/O subsystem 1090 with a high performancegraphics engine 1038. In one embodiment, bus 1049 may be used to couplethe graphics engine 1038 to the I/O subsystem 1090. Alternately, apoint-to-point interconnect may couple these components.

In turn, I/O subsystem 1090 may be coupled to a first bus 1016 via aninterface 1096. In one embodiment, the first bus 1016 may be aPeripheral Component Interconnect (PCI) bus, or a bus such as a PCIExpress bus or another third generation I/O interconnect bus, althoughthe scope of the embodiments are not so limited.

As shown in FIG. 10, various I/O devices 1014 (e.g., cameras, sensors)may be coupled to the first bus 1016, along with a bus bridge 1018 whichmay couple the first bus 1016 to a second bus 1020. In one embodiment,the second bus 1020 may be a low pin count (LPC) bus. Various devicesmay be coupled to the second bus 1020 including, for example, akeyboard/mouse 1012, network controllers/communication device(s) 1026(which may in turn be in communication with a computer network), and adata storage unit 1019 such as a disk drive or other mass storage devicewhich may include code 1030, in one embodiment. The code 1030 mayinclude instructions for performing embodiments of one or more of themethods described above. Thus, the illustrated code 1030 may implementthe method 38 (FIG. 3), the method 46 (FIG. 4), the method 60 (FIG. 5),the method 70 (FIG. 6), and/or the method 76 (FIG. 7), alreadydiscussed, and may be similar to the code 213 (FIG. 9), alreadydiscussed. Further, an audio I/O 1024 may be coupled to second bus 1020.

Note that other embodiments are contemplated. For example, instead ofthe point-to-point architecture of FIG. 10, a system may implement amulti-drop bus or another such communication topology. Also, theelements of FIG. 10 may alternatively be partitioned using more or fewerintegrated chips than shown in FIG. 10.

ADDITIONAL NOTES AND EXAMPLES

Example 1 may include a computing device to provision services,comprising an activator module and a loader module having administrativerights with respect to the computing device, the loader module includingan operability component to confirm an operability of the activatormodule, and a management component to use the activator module to managean installation status of one or more service agents on the computingdevice.

Example 2 may include the computing device of Example 1, wherein theoperability component of the loader module is to conduct a presenceverification of the activator module on the computing device, downloadthe activator module to the computing device if the presenceverification is unsuccessful, and install the activator module on thecomputing device to confirm the operability of the activator module.

Example 3 may include the computing device of Example 1, wherein theoperability component of the loader module is to conduct anauthentication of the activator module, download a replacement activatormodule if the authentication is unsuccessful, and install thereplacement activator module on the computing device to confirm theoperability of the activator module.

Example 4 may include the computing device of Example 1, wherein theactivator module includes a synchronization component to query a backendserver for service agent selections, a notification component to receivea notification of a selection of the one or more service agents fordownload from the backend server, a download component to download theone or more service agents to the computing device, and an installationcomponent to install the one or more service agents on the computingdevice.

Example 5 may include the computing device of Example 4, wherein thedownload component of the activator module is to obtain a media accesscontrol (MAC) address associated with the computing device from theloader module, and use the MAC address obtained from the loader modulein one or more authentication communications with one or more remoteservers.

Example 6 may include the computing device of Example 5, wherein theloader module includes a MAC component to read the MAC address from afirst location on the computing device that is accessible by anapplication layer of the computing device, and store the MAC address toa second location on the computing device that is inaccessible by theapplication layer of the computing device.

Example 7 may include the computing device of any one of Examples 1 to6, wherein the loader module includes a heartbeat component to issue aheartbeat message to the activator module.

Example 8 may include the computing device of any one of Examples 1 to6, further including a boot module to invoke the loader module from afactory image of the computing device.

Example 9 may include a method of provisioning services, comprisingconfirming, by a loader module having administrative rights with respectto a computing device, an operability of an activator module on thecomputing device. The method may also provide for using the activatormodule to manage an installation status of one or more service agents onthe computing device.

Example 10 may include the method of Example 9, wherein confirming theoperability of the activator module includes conducting a presenceverification of the activator module on the computing device,downloading the activator module to the computing device if the presenceverification is unsuccessful; and installing the activator module on thecomputing device.

Example 11 may include the method of Example 9, wherein confirming theoperability of the activator module includes conducting anauthentication of the activator module, downloading a replacementactivator module to the computing device if the authentication isunsuccessful, and installing the replacement activator module on thecomputing device.

Example 12 may include the method of Example 9, wherein using theactivator module to manage the installation status of the one or moreservice agents includes querying, by the activator module, a backendserver for service agent selections, receiving, by the activator module,a notification of a selection of the one or more service agents fordownload from the backend server, downloading, by the activator module,the one or more service agents to the computing device, installing, bythe activator module, the one or more service agents on the computingdevice, and uninstalling, by the activator module, one or more serviceagents that are not selected for download to the computing device.

Example 13 may include the method of Example 12, further includingconducting, by the activator module, a presence verification of the oneor more service agents on the computing device, wherein the downloadingand installing is conducted for service agents whose presence cannot beverified on the computing device.

Example 14 may include the method of Example 12, further includingobtaining, by the activator module, a media access control (MAC) addressassociated with the computing device from the loader module, and using,by the activator module, the MAC address obtained from the loader modulein one or more authentication communications with one or more remoteservers.

Example 15 may include the method of Example 14, further includingreading, by the loader module, the MAC address from a first location onthe computing device that is accessible by an application layer of thecomputing device, and storing, by the loader module, the MAC address toa second location on the computing device that is inaccessible by theapplication layer of the computing device.

Example 16 may include the method of any one of Examples 9 to 15,further including issuing, by the loader module, a heartbeat message tothe activator module.

Example 17 may include the method of any one of Examples 9 to 15,further including invoking the loader module from a factory image of thecomputing device and upgrading one or more of the activator module orthe loader module based on a notification from a backend server.

Example 18 may include at least one computer readable storage mediumcomprising a set of instructions which, when executed, cause a computingdevice to confirm, by a loader module having administrative rights withrespect to the computing device, an operability of an activator moduleon the computing device. The instructions, when executed, may also causethe computing device to use the activator module to manage aninstallation status of one or more service agents on the computingdevice.

Example 19 may include the at least one computer readable storage mediumof Example 18, wherein the instructions, when executed, cause thecomputing device to conduct a presence verification of the activatormodule on the computing device, download the activator module to thecomputing device if the presence verification is unsuccessful, andinstall the activator module on the computing device to confirm theoperability of the activator module.

Example 20 may include the at least one computer readable storage mediumof Example 18, wherein the instructions, when executed, cause thecomputing device to conduct an authentication of the activator module,download a replacement activator module if the authentication isunsuccessful, and install the replacement activator module on thecomputing device to confirm the operability of the activator module.

Example 21 may include the at least one computer readable storage mediumof Example 18, wherein the instructions, when executed, cause thecomputing device to query, by the activator module, a backend server forservice agent selections, receive, by the activator module, anotification of a selection of the one or more service agents fordownload from a backend server, download, by the activator module, theone or more service agents to the computing device, and install, by theactivator module, the one or more service agents on the computing deviceto use the activator module to install the one or more service agents.

Example 22 may include the at least one computer readable storage mediumof Example 21, wherein the instructions, when executed, cause thecomputing device to, obtain, by the activator module, a media accesscontrol (MAC) address associated with the computing device from theloader module, and use, by the activator module, the MAC addressobtained from the loader module in one or more authenticationcommunications with one or more remote servers.

Example 23 may include the at least one computer readable storage mediumof Example 22, wherein the instructions, when executed, cause thecomputing device to, read, by the loader module, the MAC address from afirst location on the computing device that is accessible by anapplication layer of the computing device, and store, by the loadermodule, the MAC address to a second location on the computing devicethat is inaccessible by the application layer of the computing device.

Example 24 may include the at least one computer readable storage mediumof any one of Examples 18 to 23, wherein the instructions, whenexecuted, cause the computing device to issue, by the loader module aheartbeat message to the activator module.

Example 25 may include the at least one computer readable storage mediumof any one of Examples 18 to 23, wherein the instructions, whenexecuted, cause the computing device to invoke the loader module from afactory image of the computing device.

Example 26 may include a computing device to provision services,comprising means for performing the method of any one of Examples 9 to17.

Thus, techniques described herein may provide a flexible, lowcost/overhead solution to securely installing and uninstalling multiplecloud based services on demand, keeping them resistant to unauthorizedremoval and/or deactivation attempts. The techniques may be useful in awide variety of settings such as, for example, K-12 educational systemsin developing countries, corporate computing infrastructures, small andmedium-sized businesses (SMBs), and so forth.

Embodiments are applicable for use with all types of semiconductorintegrated circuit (“IC”) chips. Examples of these IC chips include butare not limited to processors, controllers, chipset components,programmable logic arrays (PLAs), memory chips, network chips, systemson chip (SoCs), SSD/NAND controller ASICs, and the like. In addition, insome of the drawings, signal conductor lines are represented with lines.Some may be different, to indicate more constituent signal paths, have anumber label, to indicate a number of constituent signal paths, and/orhave arrows at one or more ends, to indicate primary information flowdirection. This, however, should not be construed in a limiting manner.Rather, such added detail may be used in connection with one or moreexemplary embodiments to facilitate easier understanding of a circuit.Any represented signal lines, whether or not having additionalinformation, may actually comprise one or more signals that may travelin multiple directions and may be implemented with any suitable type ofsignal scheme, e.g., digital or analog lines implemented withdifferential pairs, optical fiber lines, and/or single-ended lines.

Example sizes/models/values/ranges may have been given, althoughembodiments are not limited to the same. As manufacturing techniques(e.g., photolithography) mature over time, it is expected that devicesof smaller size could be manufactured. In addition, well knownpower/ground connections to IC chips and other components may or may notbe shown within the figures, for simplicity of illustration anddiscussion, and so as not to obscure certain aspects of the embodiments.Further, arrangements may be shown in block diagram form in order toavoid obscuring embodiments, and also in view of the fact that specificswith respect to implementation of such block diagram arrangements arehighly dependent upon the platform within which the embodiment is to beimplemented, i.e., such specifics should be well within purview of oneskilled in the art. Where specific details (e.g., circuits) are setforth in order to describe example embodiments, it should be apparent toone skilled in the art that embodiments can be practiced without, orwith variation of, these specific details. The description is thus to beregarded as illustrative instead of limiting.

The term “coupled” may be used herein to refer to any type ofrelationship, direct or indirect, between the components in question,and may apply to electrical, mechanical, fluid, optical,electromagnetic, electromechanical or other connections. In addition,the terms “first”, “second”, etc. may be used herein only to facilitatediscussion, and carry no particular temporal or chronologicalsignificance unless otherwise indicated.

As used in this application and in the claims, a list of items joined bythe term “one or more of” may mean any combination of the listed terms.For example, the phrases “one or more of A, B or C” may mean A; B; C; Aand B; A and C; B and C; or A, B and C.

Those skilled in the art will appreciate from the foregoing descriptionthat the broad techniques of the embodiments can be implemented in avariety of forms. Therefore, while the embodiments have been describedin connection with particular examples thereof, the true scope of theembodiments should not be so limited since other modifications willbecome apparent to the skilled practitioner upon a study of thedrawings, specification, and following claims.

We claim:
 1. A client computing device comprising: a processor; memory,cooperating with the processor; an activator module to execute on theprocessor, the activator module to automatically: periodically determinethat an installation status of one or more service agents correspondingto one or more services on a remote device is correct; and reinstall oruninstall the one or more service agents if the periodically determinedinstallation status is incorrect; and a loader module separate andindependent of the activator module, the loader module to execute on theprocessor, the loader module having administrative rights with respectto the client computing device, the loader module including: anoperability component to confirm an operability of the activator module;and a management component to use the activator module to manage theinstallation status of the one or more service agents on the clientcomputing device wherein the loader module is to periodically conduct apresence verification or authentication of the activator module,download the activator module if the presence verification orauthentication is unsuccessful, and install the activator module on theclient computing device to confirm the operability of the activatormodule.
 2. The client computing device of claim 1, wherein the activatormodule includes: a synchronization component to query a backend serverfor service agent selections; a notification component to receive anotification of a selection of the one or more service agents fordownload from the backend server; a download component to download theone or more service agents to the client computing device; and aninstallation component to install the one or more service agents on theclient computing device.
 3. The client computing device of claim 2,wherein the download component of the activator module is to: obtain amedia access control (MAC) address associated with the client computingdevice from the loader module, and use the MAC address obtained from theloader module in one or more authentication communications with one ormore remote servers.
 4. The client computing device of claim 3, whereinthe loader module includes a MAC component to read the MAC address froma first location on the client computing device that is accessible by anapplication layer of the client computing device, and store the MACaddress to a second location on the client computing device that isinaccessible by the application layer of the client computing device. 5.The client computing device of claim 1, wherein the loader moduleincludes a heartbeat component to issue a heartbeat message to theactivator module.
 6. The client computing device of claim 1, furtherincluding a boot module to invoke the loader module from a factory imageof the client computing device.
 7. A method comprising: periodicallyconfirming, by a loader module of a client computing device havingadministrative rights with respect to the client computing device, anoperability of an activator module on the client computing device, theloader module being separate and independent of the activator module;and using the activator module to automatically manage an installationstatus of one or more service agents on the client computing devicecorresponding to one or more services on a remote device by:periodically determining that the installation status of the one or moreservice agents is correct; and reinstalling or uninstalling the one ormore service agents if the periodically determined installation statusis incorrect; wherein confirming the operability of the activator moduleincludes: conducting a presence verification or authentication of theactivator module on the client computing device; downloading theactivator module to the client computing device if the presenceverification or authentication is unsuccessful; and installing theactivator module on the client computing device.
 8. The method of claim7, wherein using the activator module to manage the installation statusof the one or more service agents includes: querying, by the activatormodule, a backend server for service agent selections; receiving, by theactivator module, a notification of a selection of the one or moreservice agents for download from the backend server; downloading, by theactivator module, the one or more service agents to the client computingdevice; installing, by the activator module, the one or more serviceagents on the client computing device; and uninstalling, by theactivator module, one or more service agents that are not selected fordownload to the client computing device.
 9. The method of claim 8,further including conducting, by the activator module, a presenceverification of the one or more service agents on the client computingdevice, wherein the downloading and installing is conducted for serviceagents whose presence cannot be verified on the client computing device.10. The method of claim 8, further including: obtaining, by theactivator module, a media access control (MAC) address associated withthe client computing device from the loader module; and using, by theactivator module, the MAC address obtained from the loader module in oneor more authentication communications with one or more remote servers.11. The method of claim 10, further including: reading, by the loadermodule, the MAC address from a first location on the client computingdevice that is accessible by an application layer of the clientcomputing device; and storing, by the loader module, the MAC address toa second location on the client computing device that is inaccessible bythe application layer of the client computing device.
 12. The method ofclaim 7, further including issuing, by the loader module, a heartbeatmessage to the activator module.
 13. The method of claim 7, furtherincluding: invoking the loader module from a factory image of the clientcomputing device; and upgrading one or more of the activator module orthe loader module based on a notification from a backend server.
 14. Atleast one non-transitory computer readable storage medium comprising aset of instructions which, when executed, cause a client computingdevice comprising a processor and memory cooperating with the processorto: periodically confirm, by a loader module to execute on the processorof the client computing device having administrative rights with respectto the client computing device, an operability of an activator module onthe client computing device, the loader module being separate andindependent of the activator module; and use the activator module toexecute on the processor to automatically manage an installation statusof one or more service agents on the client computing devicecorresponding to one or more services on a remote device by: periodicdetermination that the installation status of the one or more serviceagents is correct; and reinstallation or uninstallation of the one ormore service agents if the periodic determination is that theinstallation status is incorrect; conduct a presence verification orauthentication of the activator module on the client computing device;download the activator module to the client computing device if thepresence verification or authentication is unsuccessful; and install theactivator module on the client computing device to confirm theoperability of the activator module.
 15. The at least one computerreadable storage medium of claim 14, wherein the instructions, whenexecuted, cause the client computing device to: query, by the activatormodule, a backend server for service agent selections; receive, by theactivator module, a notification of a selection of the one or moreservice agents for download from the backend server; download, by theactivator module, the one or more service agents to the client computingdevice; and install, by the activator module, the one or more serviceagents on the client computing device to use the activator module toinstall the one or more service agents.
 16. The at least one computerreadable storage medium of claim 15, wherein the instructions, whenexecuted, cause the client computing device to: obtain, by the activatormodule, a media access control (MAC) address associated with the clientcomputing device from the loader module; and use, by the activatormodule, the MAC address obtained from the loader module in one or moreauthentication communications with one or more remote servers.
 17. Theat least one computer readable storage medium of claim 16, wherein theinstructions, when executed, cause the client computing device to: read,by the loader module, the MAC address from a first location on theclient computing device that is accessible by an application layer ofthe client computing device; and store, by the loader module, the MACaddress to a second location on the client computing device that isinaccessible by the application layer of the client computing device.18. The at least one computer readable storage medium of claim 14,wherein the instructions, when executed, cause the client computingdevice to issue, by the loader module a heartbeat message to theactivator module.
 19. The at least one computer readable storage mediumof claim 14, wherein the instructions, when executed, cause the clientcomputing device to invoke the loader module from a factory image of theclient computing device.